Role in IT decision-making process:Align Business & IT GoalsCreate IT StrategyDetermine IT NeedsManage Vendor RelationshipsEvaluate/Specify Brands or VendorsOther RoleAuthorize PurchasesNot Involved

Work Phone:

Company:

Company Size:

Industry:

Street Address

City:

Zip/postal code

State/Province:

Country:

Occasionally, we send subscribers special offers from select partners. Would you like to receive these special partner offers via e-mail?YesNo

Your registration with Eweek will include the following free email newsletter(s):News & Views

By submitting your wireless number, you agree that eWEEK, its related properties, and vendor partners providing content you view may contact you using contact center technology. Your consent is not required to view content or use site features.

By clicking on the "Register" button below, I agree that I have carefully read the Terms of Service and the Privacy Policy and I agree to be legally bound by all such terms.

Microsoft Campaign to Make Passwords Obsolete Starts at Headquarters

Most of Microsoft's employees are using Windows Hello, the company's biometric technology, to log into their PCs as the company seeks to serve as an example to all Windows PC users.

Microsoft wants to make passwords a thing of the past and it's a mission that begins at headquarters.

The majority of the company's workforce has already turned their backs on using passwords, at least when it comes to logging in to their Windows PCs, according to Bret Arsenault, corporate vice president and chief information security officer at Microsoft. Instead, they are using Windows Hello for Business, which integrates with the Azure Active Directory authentication service.

Soon, the executive expects that all the company's 125,000 employees will "go completely password free," he stated in a Dec. 26 blog post.

Further reading

Windows Hello is a biometric authentication technology that ships with Windows 10. It enables users to access their machines and compatible apps using fingerprint readers, facial recognition scanners and even iris scans. Outside of the organization, Microsoft claims that among Windows 10 users with compatible biometrics hardware, 70 percent are using Windows Hello in place of regular passwords.

Although the company claims it is a faster and enterprise-grade alternative to inputting a password, recently it was found that the technology is not completely foolproof.

German cyber-security firm SSyS announced on Dec. 18 that it had tricked Windows Hello into granting access to a Surface Pro PC with a printout. In compatible systems, the technology uses infrared sensors to detect the presence of a live user in front of the camera, but SSyS was able to circumvent the safeguard with a modified, low-resolution printout of an IR scan. A proof-of-concept video is available on YouTube.

In a cyber-security landscape beset by major breaches, phishing attacks and other threats, username and password pairs are increasingly becoming a detriment to data privacy and security. Oftentimes, users are their own worst enemy.

Security vendor BeyondTrust recently named apathy the number one deadly sin of privileged access management. In its survey of 474 IT professionals, the firm discovered that dangerous habits and apathetic attitudes toward password management ran rampant at enterprises.

Seventy-nine percent of respondents reported that their organization's users share passwords with other users and 76 percent neglected to change their default passwords. Three-quarters (75 percent) said users still cling to weak, easy-to-guess passwords.

What do weak passwords look like?

Unimaginative attempts like "123456" and "password," earned the number one and two spots on SplashData's Worst Passwords of 2017 list, respectively (both retained their 2016 rankings). Third place went to "12345678," followed by "qwerty" and "12345." The company based its analysis on five million leaked passwords, mostly from the North America and Western Europe.